<?php
//connect to database
include "p_koneksi.php";

// Define $username and $password 
$username=$_POST['username']; 
$password=$_POST['password']; 
$keyword=md5($password);

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($username);
$mypassword = stripslashes($keyword);
$myusername = mysql_real_escape_string($username);
$mypassword = mysql_real_escape_string($keyword);

$sql="SELECT * FROM aktor WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
	$isi=mysql_fetch_row($result);
	session_start();
	$_SESSION['username']=$isi[1];
	$_SESSION['golongan']=$isi[4];
		if ($isi[4]==0){
			header ("location:dashboard/admin.php");
		}
		else if ($isi[4]==1){
			header("location:dashboard/pemberi.php");
		}
		else if ($isi[4]==2){
			header("location:dashboard/penerima.php");
		}
			else if ($isi[4]==3){
			header("location:dashboard/penyalur.php");
		}
}
else {
	die("Username atau password yang dimasukkan salah. Mohon ulangi dan pastikan caps lock tidak aktif. <br> <a href=\"javascript:history.back()\">kembali</a>");
}

?>